CVE-2023-3274: code-projects Supplier Management System Picture btn_functions.php unrestricted upload
First published: Thu Jun 15 2023(Updated: )
A vulnerability classified as critical has been found in code-projects Supplier Management System 1.0. Affected is an unknown function of the file btn_functions.php of the component Picture Handler. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-231624.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Supplier Management System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-3274?
CVE-2023-3274 is classified as a critical vulnerability.
How does CVE-2023-3274 affect the Supplier Management System?
CVE-2023-3274 allows unrestricted file uploads through the Picture Handler component.
What component is vulnerable in CVE-2023-3274?
The vulnerable component in CVE-2023-3274 is the btn_functions.php file.
What versions of Supplier Management System are affected by CVE-2023-3274?
CVE-2023-3274 affects version 1.0 of the Supplier Management System.
How can I mitigate CVE-2023-3274?
To mitigate CVE-2023-3274, implement file upload restrictions and validate file types rigorously.
- agent/type
- agent/first-publish-date
- agent/title
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/description
- agent/softwarecombine
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/supplier management system project
- canonical/supplier management system
- version/supplier management system/1.0